A (GSM-GPRS) NETWORK WITH INTERNET PROTOCOL COMBINED FUNCTIONALITY



The present invention relates to a network (GSM/GPRS) with
functionality which is related to distribution of keys for
authorisation, authentication and ciphering, subscriber
information handling and CDR generation.

Since GSM (Global System for Mobile communication) was
introduced in the Nordic countries in 1992, penetration has
reached as high as 40 % - and is still increasing rapidly.

However, this also means that large investments have been
made in this system during those years. GSM is primarily a
system for speech communication, which makes up 98 % of the
total traffic. Data services exist, but are slow,
inefficient and expensive since they are run on circuit
switched connections.

In the year 2000, GSM will be enhanced with a general
packet data service (GPRS), which uses the same radio access
as GSM together with a new core network, based on IP. A
maximum of about 150 kbps can be delivered, but the actual
bandwidth will be significantly lower due to the presence of
other users and the quality of the radio connection.
Databases and servers containing subscriber data, equipment
data, short message handling, etc. already in operation for
the GSM system will be reused for GPRS.

Two years later, in 2002, UMTS (Universal Mobile
Telecommunication System) will be taken into operation,
delivering up to 2 Mbit/s over radio with full mobility.
Contrary to GPRS, the UMTS radio access network will be
built from scratch and existing core networks will be
modified and reused to a large extent. For the initial phase
of UMTS, the GPRS and GSM core networks are the most
interesting candidates because of their capabilities to
handle mobile terminals and users.

UMTS will support mixed services, which means everything
from Internet access to multimedia conferencing. Judging
from how fixed Internet access presently is booming, one is
tempted to believe that mobile Internet access will become
equally popular. In addition, taking into account the
development of IP telephony during the last year and the
fact that video standards like H.323 [H.323] are being
developed for IP networks, it is quite possible that an IP
based network is the most future-proof solution for UMTS.
When constructing public mobile networks, one has to keep in
mind that radio resources are scarce and that these networks
are expensive to operate, and hence, it is necessary for the
operator to have the means to charge the users for services
that they use. In the near future, it is doubtful that this
requirement can be fulfilled by (Mobile) IP networks.
Operators, who have large investments in GSM and GPRS
systems, could, however, reuse parts of those to complement
the shortcomings of IP networks.

GSM and its future packet data service, GPRS, have an advanced
system for

• authorisation and authentication of users/terminals,
including key distribution

• ciphering over radio, including key distribution

• subscriber information handling

• CDR generation

through the VLR functionality in the MSC and the SGSN
respectively and through the HLR as well as other data
bases.

The GPRS backbone is, however, not optimal because of its
many successive protocol layers, which result in long delays
and large overhead.

The Internet Protocol is simple, flexible and optimized for
transporting data through networks. Enhanced with MobileIP
for handling mobility, it could be used as a core network for
mobile systems, i.e. the mobile user could get direct access
to the Internet without passing through an additional
network, like the GPRS backbone. However, IP lacks support for
subscriber handling and charging. Authentication and
encryption are supported to ensure integrity and
confidentiality, but the key distribution, which is not
standardized, is still a problem. The invention offers a
solution to the security problem and forms an efficient as
well as secure core network for mobile users.

The solution to the problem is described in the claims. 

UMTS is presently being standardized and its core network
will, in an initial phase, be based on the GPRS core network.

An advantage of the invention is that it is possible to use the
fixed network in a more efficient way when the GPRS
backbone, in a later stage, is replaced by a purer IP network
for transporting user data, under the condition that the
security issues are solved.

Embodiments of the invention will now be described, by way of
example, with reference to the accompanying drawings, in
which:

Figure 1. The basic GSM architecture.

Figure 2. Overview of the GPRS logical structure.

Figure 3. The GPRS Protocol architecture. The GPRS
backbone is shaded.

Figure 4. General UMTS Architecture with the reference
points currently identified in UMTS, March 1998
[UMTS23.01].

Figure 5. Using IP for service transport end-to-end.

Figure 6. Scenario with Mobile IP support for intra
UTRAN mobility and modified SGSN's to handle subscriber
data etc.

Figure 7. Scenario with Mobile IP supporting roaming in
foreign networks.

Figure 8. Evolution scenario for UMTS. The IWU-Gb and
IWU-Gbu are taken from [umts23.20].



A glossary of the abbreviations used in this patent
specification is set out below to facilitate an understanding
of the present invention.



AN      Access Network
AUC     Authentication Center
BSS     Base Sub System
CN      Core Network
DHCP    Dynamic Host Control Protocol
ETSI    European Telecommunication Standardisation Institute
GGSN    Gateway GPRS Support Node
GPRS    General Packet Radio Service
GTP     GPRS Tunneling Protocol
GSM     Global System for Mobile communication
HA      Home Agent
HLR     Home Location Register
SP      Service Provider
IP      Internet Protocol
IWU     InterWorking Unit
MS      Mobile Station
MSC     Mobile Services Switching Center
MT      Mobile Termination
PLMN    Public Land Mobile Network
PSTN    Public Switched Telephone Network
QoS     Quality of Service
SGSN    Service GPRS Support Node
SIM     Subscriber Identity Module
SP      Service Provider
TCP     Transport Control Protocol
UDP     User Datagram Protocol
UE      User Equipment
UMTS    Universal Mobile Telecommunications System
UTRAN   UMTS Terrestrial Radio Access Network
VLR     Visitor Location Register

UMTS, the third generation cellular system currently being
specified by ETSI, is the first cellular system to be
optimized for extensive use of data services mixed with
speech. One solution is to use the IP protocol for the
transport of services across core and access networks. Using
a MobileIP core network would allow roaming between the
radio access networks in a rather straightforward way.
However, radio resources are scarce and public cellular
systems are expensive to operate, and hence, it is of great
importance that the users can be properly charged for
services that they use. In the near future, it is doubtful
that this requirement can be fulfilled by (Mobile) IP
networks. Instead, parts of GSM/GPRS could be reused to
complement the functionality of IP networks.

In this description, a network scenario is presented where
the UMTS core network is based on Mobile IPv6, which
supports roaming and possibly also handover between UTRAN's.
Since the GSM/GPRS system already has several key functions
to handle mobile users, e.g. subscriber data, access
control, keys for encryption over radio, accounting
information, the GPRS SGSN node should be reused to handle
the setup of lower layer communication, including
authentication and check of subscriber profile etc. A
successful lower layer setup should be required in order to
obtain a MobileIP care-of address. The mechanisms for
distributing authorization and encryption keys in GSM/GPRS
can also be utilized for distributing keys for the IPsec
protocol.

Examples, describing how MobileIP and part of the GPRS
core network could operate with a UMTS radio access network
are presented later on in the description. The following
three sections will give a brief introduction to those parts
of GSM, GPRS, UMTS and IP that are relevant for this study.
These are followed by a short discussion on using IP end-to-end
in mobile networks, before presenting the examples.

GSM

GSM is a digital cellular system, primarily designed and
used for speech communication [gsm]. A few data services and
a rich set of supplementary services are standardized. The
GSM network is built up of BSS's (Base Sub System),
MSC/VLR's (Mobile Services Switching Center/Visitor Location
Register), HLR's and a few other data bases and service
nodes as illustrated in figure 1. The BSS contains base
stations and base station controllers. Each terminal is
equipped with a subscriber identity module (SIM), which is
a smart card containing, among other things, the user
identity.

The MSC is the heart of the GSM system. Its duty is to:

• perform switching

• detect new mobile terminals in its service area
and perform authentication and authorization
procedures with these terminals

• collect information about users from their HLR
and store the information in the VLR

• register location updates and store them in the
VLR

• assist when handover takes place between MSC's

• create records for charging

Frequently, the VLR is integrated in the MSC. The Gateway-MSC
is an MSC with additional functionality to handle
traffic to and from the fixed network. For incoming traffic
the G-MSC asks the HLR for routing information to the
current MSC of the user.

The MSC communicates with databases like the home location
register (HLR) and the equipment identity register (EIR) via
an SS7 based signaling system called MAP (Mobile Application
Part).

WO 99/56445    PCT/SE99/00621

The HLR stores the identity and user data of all the
subscribers belonging to the area of the related G-MSC. The
IMSI (International Mobile Subscriber Number), the phone
number, service profile etc. are permanently stored in the
HLR. For routing of incoming traffic, the user's current VLR
and forwarding information is stored temporarily.
Authentication and ciphering keys, which are derived in the
AUC (Authentication Center), are also available from the HLR.

Authentication and authorization of the terminal take
place each time a connection is set up, i.e. for each call.
The authentication procedure is based on the authentication
algorithm, which is stored on the SIM card and in the AUC.
The AUC picks a random number from which the algorithm
creates the authentication key. The random number and the
key are then passed on to the HLR and the VLR, which sends
the random number to the mobile terminal. The SIM card uses
the random number to produce the key, which is returned to
the network via the terminal. A comparison of the key
received from the terminal and the one originating from the
AUC will tell if the terminal is the expected one. The same
method is used for giving the terminal the encryption key,
but a different algorithm is used. This has the advantage
that the encryption key is never sent over radio where it
could easily be picked up by anyone. These algorithms are
known nowhere outside the home network. On the terminal
side, the algorithms are embedded in the SIM card and are
available neither to the terminal nor to the user.
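
The exchange described above, as an added example that is not part of the original specification. HMAC-SHA-256 stands in for the two operator-specific algorithms, and the class names, the 4-byte and 8-byte output lengths and the sample identity are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets


# Stand-ins for the two secret algorithms held by the SIM and the AUC.
# Assumption: HMAC-SHA-256 under different labels; the real algorithms
# are operator specific and are not given in the text.
def auth_algorithm(secret: bytes, rand: bytes) -> bytes:
    return hmac.new(secret, b"auth" + rand, hashlib.sha256).digest()[:4]


def cipher_algorithm(secret: bytes, rand: bytes) -> bytes:
    return hmac.new(secret, b"ciph" + rand, hashlib.sha256).digest()[:8]


class AUC:
    """Home-network side: knows every subscriber's secret."""

    def __init__(self, subscribers):
        self._secrets = dict(subscribers)          # IMSI -> secret

    def make_vector(self, imsi):
        secret = self._secrets.get(imsi)
        if secret is None:
            return None                            # unknown subscriber
        rand = secrets.token_bytes(16)
        return rand, auth_algorithm(secret, rand), cipher_algorithm(secret, rand)


class SIM:
    """Card side: the secret and both algorithms never leave the card."""

    def __init__(self, imsi, secret):
        self.imsi = imsi
        self._secret = secret
        self.cipher_key = None

    def respond(self, rand):
        self.cipher_key = cipher_algorithm(self._secret, rand)  # kept locally
        return auth_algorithm(self._secret, rand)


class VLR:
    """Visited side: relays the random number and compares the answers."""

    def __init__(self, auc):
        self._auc = auc
        self.radio_log = []                        # what crosses the radio

    def authenticate(self, sim):
        vector = self._auc.make_vector(sim.imsi)
        if vector is None:
            return False, None
        rand, expected, cipher_key = vector
        self.radio_log.append(("to terminal", rand))
        answer = sim.respond(rand)
        self.radio_log.append(("to network", answer))
        if not hmac.compare_digest(answer, expected):
            return False, None                     # wrong card: no cipher key
        return True, cipher_key


def demo():
    # Constructed sample subscriber; the identity string is made up.
    imsi, secret = "constructed-imsi-0001", secrets.token_bytes(16)
    vlr = VLR(AUC({imsi: secret}))
    genuine = SIM(imsi, secret)
    clone = SIM(imsi, secrets.token_bytes(16))     # same identity, wrong secret
    return vlr.authenticate(genuine), vlr.authenticate(clone), genuine, vlr


if __name__ == "__main__":
    (ok, key), (clone_ok, _), sim, vlr = demo()
    print("genuine accepted:", ok, "| keys match:", key == sim.cipher_key)
    print("clone accepted:", clone_ok)
    print("cipher key seen on radio:", any(m == key for _, m in vlr.radio_log))
```

Only the random number and the terminal's answer appear in `radio_log`; the encryption key is computed independently on both sides.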
GPRS

GPRS (General Packet Radio Service) [GSM 03.60] is a
packet switched service which, to a large extent, is based
on a combination of GSM infrastructure, IP technology and a
set of new functionality. Figure 2 describes the overview of
the GPRS logical architecture. The main advantage of GPRS is
that the limited radio resource is used only when there is
data to transmit. There are two kinds of support nodes in
the backbone, SGSN's (Service GPRS Support Node) and GGSN's
(Gateway GPRS Support Node).

The main functions of the SGSN are to:

• perform authentication and other procedures to
let new terminals connect to its service area

• send/receive data packets to/from the GPRS mobile

• keep record of the mobile's location inside its
service area

• route data packets from one GPRS operator to
another

• produce charging data records for the charging
and billing system

The SGSN communicates with the HLR, the EIR, the
. center etc. via a GPRS version of MAP.

The main functions of the GGSN are to:

• route data packets from one GPRS operator to
another

• route mobile terminated data packets to the
appropriate SGSN where the mobile is currently
located

• act as a gateway between GPRS network and
external data networks (IP, X.25, etc.)

• handle de/encapsulation of user data protocol
packets when communicating with external data
networks

• produce charging data records for the charging
and billing system

GPRS Tunneling Protocol, GTP [gprs09.60], which is
specific to GPRS, tunnels user data packets between SGSN's
and GGSN's. This enables the network to support transmission
of several packet data protocols, even if the protocol is
not supported by all SGSN's. GTP also transports signaling
data for mobility handling between the nodes. As illustrated
in figure 3, GTP is placed on top of the transport IP and
UDP layer in the protocol stack. By using a non-standard
protocol to transport user data, it is probably more
difficult for users to do anything harmful to the system. On
the other hand, it makes it impossible to use standard IP
tunneling mechanisms without special solutions for GTP. An
example is future resource reservation protocols, which are
likely to operate in combination with standard IP-in-IP
tunneling.

UMTS 

The UMTS system, which currently is under specification in
ETSI, is based on a new UMTS Terrestrial Radio Access
Network (UTRAN) and existing, but evolved, core networks
(CN) such as IP, GSM/GPRS CN or ATM [umts23.01]. The
interworking units (IWU) adapt the different CN's to the Iu
interface if needed. The GRAN and the CN's may evolve
independently of each other, while the IWU's follow the
evolution of CN's and AN's to ensure interconnection between
these parts. For flexibility, the user equipment consists of
different modules of which one is a UMTS version of the GSM
SIM card, the USIM. A general view of the logical modules
and reference points is shown in figure 4.

The UTRAN will probably have an internal mobility
management system, which means that, for routing, the CN
only needs to keep track of in which UTRAN the mobile
terminal is located. The CN will have to handle the
subscriber information management, basic call handling,
paging initiation, service feature analysis, security
issues, charging, etc. Evolved versions of the GSM and GPRS
CN's are foreseen for the initial phase of UMTS [umts23.20].

Primarily, the IWU will deal with translation of protocol
messages and network parameters, in those cases where the
protocols in the CN and in the UTRAN are different. If the
CN does not support functionality required for a UMTS CN,
the IWU could contain intelligence to enhance the CN. The
choice of protocols over the Iu interface has not yet been
made.

The Internet Protocol

The Internet Protocol, IP, is designed to route IP packets
across networks and network boundaries in a flexible and
efficient way. Because of its popularity, many services have
been developed to run on top of the IP protocol. Today, it
is not unusual to implement virtual IP networks within other
networks based on e.g. ATM or IP, which creates extra
security, but also additional overhead and processing time.
The GPRS backbone is one example of such a network. Taking
into account that UMTS will not be introduced until year
2002, we only consider IPv6 [ipv6] here.

MobileIPv6 [mobip] is designed to deal with "macro"
mobility management, i.e. the movements of mobile nodes
between different IP subnets. Routing in the Internet is
based on fixed IP addresses, which depend on the subnet
through which the terminal is connected to the Internet.
When connected to a foreign network, the mobile node needs a
temporary address using the prefix of the visited network, a
care-of address, to be able to receive packets.

Briefly, MobileIPv6 works in the following way: 

• When the mobile node arrives in a foreign subnet, it
acquires a care-of address, using the IPv6 address
autoconfiguration.

• The mobile node registers its care-of address with a
router in its home subnet which acts as the node's Home
Agent (HA). The home agent uses proxy Neighbor Discovery
to intercept the IPv6 packets addressed to the mobile
node's home address. The packets are then tunneled to the
mobile node's care-of address using IPv6 encapsulation.
This means that the mobile node can always be addressed
by its home address, independently of which subnet it is
roaming in.

• When packets, which are tunneled from the home agent,
arrive at the mobile node, it immediately sends a message,
which includes its current care-of address, to the
communicating node. After receiving such a packet, the
communicating node will send packets directly to the
care-of address. This way, MobileIPv6 inherently supports
optimized routing, which minimizes the load on the home
When changing care-of address, the mobile node
sends its new care-of address to its home agent and all
other nodes that it is communicating with.




Using IP for Service Transport Across Different 
Networks 

Traditionally, telecom systems have been developed with
one kind of transmission, for one or a few specific and well
specified services which need support by the network. GSM is
one example of this kind of system, where the time-to-market
for new services is too long to be competitive.

UMTS should support mixed services, services provided by
third-party, etc. and new services must be easy and fast to
implement. One possible solution is to use IP as a common
format to deliver services end-to-end. This does not
necessarily mean that the IP routing mechanisms have to be
utilized in all the different networks. For example, the
UTRAN has to manage micro mobility, which includes frequent
and fast movements between base stations, which Mobile IP is
not designed to handle. Instead, the IP layer could be
provided a point-to-point connection between the IWU and the
mobile terminal while the UTRAN handles the changing
connections underneath.

The main advantage of this approach is that already
today, an abundance of services and information is available
on the Internet. Having direct Internet access from the
mobile terminal would facilitate the convergence of fixed
and mobile networks on a service level.
In figure 5, the end-to-end IP layer is mapped onto the
UMTS architecture. The IWU would provide interworking
between the lower layers of the core network and the access
network.

GSM, IP and Broadband Radio Access - a Mix that
Matches

As we have seen in previous sections, the UMTS UTRAN
together with GSM/GPRS core networks would give us a system
which would handle mobile users excellently and provide high
bandwidth connections over the radio interface. There is
also support for the operator to profit from running such a
network. However, neither GSM nor GPRS is designed for
large volumes and the GPRS backbone is rather inefficient
due to the large overhead.

On the other hand, IP is simple and optimized for
transporting data through networks. Enhanced with MobileIP,
which is optimized for roaming between subnets, it is an
interesting UMTS core network candidate. Unfortunately, its
support for subscriber handling and charging is poor.

Let us therefore study how the different parts from IP,
GPRS and UMTS could interwork to support mobility. First, we
will study the case, which is illustrated in figure 6, where
the terminal stays within its home IP network:

• The mobile terminal arrives at a new UTRAN and listens
to the radio broadcast messages, which contain
information about radio parameters, network and cell
identity, etc. as well as information about available
core networks, service providers, service capabilities
etc.

• The mobile terminal sends a registration
request including parameters such as identity,
desired service provider etc.

• The UTRAN forwards the registration request to
the SGSN, which processes it:

• The SGSN contacts the HLR of the mobile terminal
to collect data to perform an authentication
procedure.

• Once the terminal is authenticated and found to be
allowed in the present UTRAN, all information over
the radio interface can be encrypted. Encryption
keys are obtained from the HLR. A random number is
sent to the mobile, which can calculate the key
with an algorithm stored in the terminal. This
way, the key is not sent over the radio interface.

• At this point, the terminal also gets
registered in the UTRAN along with location
data and radio specific information.

• Now, the terminal can start communicating over the IP
layer. The terminal listens to router advertisement
messages and solicits the nearest DHCP server [dhcp] to
obtain configuration parameters and a care-of
address. It is assumed that only stateful address
configuration will be used, since it gives a better
support for registration of the terminals than
stateless. Logically, we include the IP functionality
in the SGSN and call the entire unit SGSN', and the HLR
records include the care-of address of the mobile
terminal.

• The mobile terminal will then contact its home
agent to register its new care-of address
according to standard MobileIP.

• The home agent has to accept or reject the registration
of a care-of address. Before making a decision, the
home agent could contact the HLR (via a new interface)
to obtain information that this terminal is properly
registered. In addition, the keys needed for using the
IPsec authentication header and/or the encapsulation
security payload [ipsec] could be obtained from the
HLR. The mobile terminal can derive its keys from
information on its USIM in the same way as in the GSM
system.

• While the terminal is connected and transmits data,
charging data records are produced by the SGSN'.
Systems for billing and customer handling, already in
operation for GSM, can easily be used also for UMTS.
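
One way to express the home agent's accept/reject decision from the steps above, as an added example that is not part of the original specification. The HLR record layout, the `lookup` call standing in for the new home agent to HLR interface, the HMAC-SHA-256 tag used in place of the IPsec authentication header, and the sequence-number replay check are assumptions made for the illustration; all addresses and keys are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class HLRRecord:                 # hypothetical record layout
    registered: bool             # lower layer setup through the SGSN' succeeded
    care_of_address: str         # address recorded during that setup
    ipsec_key: bytes             # key material supplied by the home network


class HLR:
    def __init__(self) -> None:
        self._records: Dict[str, HLRRecord] = {}

    def store(self, subscriber: str, record: HLRRecord) -> None:
        self._records[subscriber] = record

    def lookup(self, subscriber: str) -> Optional[HLRRecord]:
        """Stands in for the new home agent to HLR interface."""
        return self._records.get(subscriber)


def binding_tag(key: bytes, home: str, care_of: str, seq: int) -> bytes:
    """Integrity tag over a binding update (HMAC as a stand-in for IPsec AH)."""
    return hmac.new(key, f"{home}|{care_of}|{seq}".encode(), hashlib.sha256).digest()


class HomeAgent:
    def __init__(self, hlr: HLR, subscribers: Dict[str, str]) -> None:
        self._hlr = hlr
        self._subscribers = subscribers      # home address -> subscriber
        self._last_seq: Dict[str, int] = {}
        self.bindings: Dict[str, str] = {}   # home address -> care-of address

    def register(self, home: str, care_of: str, seq: int, tag: bytes) -> str:
        record = self._hlr.lookup(self._subscribers.get(home, ""))
        if record is None or not record.registered:
            return "reject: no successful lower layer setup"
        if record.care_of_address != care_of:
            return "reject: care-of address differs from HLR record"
        expected = binding_tag(record.ipsec_key, home, care_of, seq)
        if not hmac.compare_digest(tag, expected):
            return "reject: authentication failed"
        # Replay check: an addition of this example, not described in the text.
        if seq <= self._last_seq.get(home, -1):
            return "reject: replayed update"
        self._last_seq[home] = seq
        self.bindings[home] = care_of
        return "accept"


def demo():
    # Constructed sample data: documentation-prefix addresses, made-up key.
    key = bytes(range(32))
    hlr = HLR()
    hlr.store("sub-A", HLRRecord(True, "2001:db8:f::10", key))
    hlr.store("sub-B", HLRRecord(False, "2001:db8:f::20", key))
    ha = HomeAgent(hlr, {"2001:db8:a::1": "sub-A", "2001:db8:a::2": "sub-B"})
    a, b = "2001:db8:a::1", "2001:db8:a::2"
    good = binding_tag(key, a, "2001:db8:f::10", 1)
    results = [
        ha.register(a, "2001:db8:f::10", 1, good),             # properly registered
        ha.register(a, "2001:db8:f::10", 1, good),             # same update again
        ha.register(a, "2001:db8:e::66", 2,
                    binding_tag(key, a, "2001:db8:e::66", 2)),  # unrecorded address
        ha.register(a, "2001:db8:f::10", 3, b"\x00" * 32),     # bad tag
        ha.register(b, "2001:db8:f::20", 1,
                    binding_tag(key, b, "2001:db8:f::20", 1)),  # skipped the SGSN'
    ]
    return results, ha.bindings


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```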

In figure 7, the mobile terminal is roaming in a foreign
network. The procedure for registering in that network is
very similar to the home network case, the only difference
being that the visited SGSN' contacts the HLR in the
terminal's home network, either via the international SS7
network or by tunneling the MAP protocol messages through
the Internet. The mobile terminal registers with the same
home agent as before.

The ETSI group SMG12 works with UMTS architecture and
evolution scenarios [umts23.30]. One idea for evolution is
depicted in figure 8. The most straightforward way to
implement UMTS with an already existing GPRS network is to
attach the UTRAN to the Gb interface via the IWU-Gb.
However, if the UTRAN will be based on IP, a new IP based
interface, Gbu, should be opened up at the SGSN, requiring
an IWU-Gbu. In this description we have gone one step
further and transformed the SGSN into an IWU for a core
network based directly on standard IP and MobileIP.

UMTS, the third generation cellular system which is
currently being specified by ETSI, is the first one to be
optimized for extensive use of data services mixed with
speech. One solution is to use the IP protocol for the
transport of services across core and access networks. Using
a MobileIP core network would allow roaming between URAN's
in a rather straightforward way. However, radio resources
are scarce and public cellular systems are expensive to
operate, and hence, it is of great importance that the users
can be properly charged for the services they are using. In
the near future, it is doubtful that this requirement can be
fulfilled by (Mobile) IP networks. Instead, parts from
GSM/GPRS could be reused to complement the functionality of
IP networks.

In this description, a network scenario is presented where
the UMTS core network is based on Mobile IPv6, which
supports roaming and possibly also handover between UTRAN's.
Since the GSM/GPRS system already has several key functions
to handle mobile users, e.g. subscriber data, access
control, keys for encryption over radio, accounting
information, the GPRS SGSN node should be reused to handle
the setup of lower layer communication, including
authentication and check of subscriber profile etc. A
successful lower layer setup should be required in order to
obtain a MobileIP care-of address. The mechanisms for
distributing authorization and encryption keys in GSM/GPRS
can also be utilized for distributing keys for the IPsec
protocol.
CLAIMS

1 A network (GSM/GPRS) with functionality which is
related to distribution of keys for authorisation,
authentication and ciphering, subscriber information handling
and CDR generation characterised in that the functionality is
combined with the internet protocol for transporting data and
handling macro mobility to form an efficient as well as
secure core network for mobile users.

2 A network, as claimed in claim 1, characterised in
that parts from GSM/GPRS are reused to complement the
functionality of IP networks.

3 A network, as claimed in claim 2, characterised in
that the GPRS SGSN is reused to handle the setup of lower
layer communication.